security: add nginx headers and fix npm vulnerabilities

- Add security headers to nginx (X-Frame-Options, CSP, etc.)
- Reduce client_max_body_size from 500M to 10M
- Add npm overrides to fix cookie vulnerability in csurf
- Make navbar sticky with full width

backend/package.json

@@ -62,5 +62,10 @@
   },
   "prisma": {
     "seed": "node prisma/seed.js"
+  },
+  "overrides": {
+    "csurf": {
+      "cookie": "^0.7.0"
+    }
   }
 }